
Commit 56f8c9bc authored by Tetsuo Handa's avatar Tetsuo Handa Committed by James Morris

TOMOYO: Remove next_domain from tomoyo_find_next_domain().



We can update bprm->cred->security inside tomoyo_find_next_domain().

Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent ccf135f5
+5 −5
@@ -787,12 +787,10 @@ struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
 * tomoyo_find_next_domain - Find a domain.
 *
 * @bprm: Pointer to "struct linux_binprm".
 * @next_domain:    Pointer to pointer to "struct tomoyo_domain_info".
 *
 * Returns 0 on success, negative value otherwise.
 */
int tomoyo_find_next_domain(struct linux_binprm *bprm,
			    struct tomoyo_domain_info **next_domain)
int tomoyo_find_next_domain(struct linux_binprm *bprm)
{
	/*
	 * This function assumes that the size of buffer returned by
@@ -914,9 +912,11 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm,
		tomoyo_set_domain_flag(old_domain, false,
				       TOMOYO_DOMAIN_FLAGS_TRANSITION_FAILED);
 out:
	if (!domain)
		domain = old_domain;
	bprm->cred->security = domain;
	tomoyo_free(real_program_name);
	tomoyo_free(symlink_program_name);
	*next_domain = domain ? domain : old_domain;
	tomoyo_free(tmp);
	return retval;
}
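Review bot: The store `bprm->cred->security = domain;` after the `out:` label runs on every exit path, including those that return a negative `retval`, whereas the caller code this commit removes wrote the field only when the call returned 0. If a failed transition is meant to leave the credential untouched, guard it as `if (!retval) bprm->cred->security = domain;`. If the unconditional write is intended, the kernel-doc header should say so, for example ` * Stores the resulting domain (or the old domain) in @bprm->cred->security.` Most of the function body lies outside the two hunks, so which paths reach `out:` with a negative `retval` cannot be confirmed from here.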
+2 −8
@@ -61,14 +61,8 @@ static int tomoyo_bprm_check_security(struct linux_binprm *bprm)
	 * Execute permission is checked against pathname passed to do_execve()
	 * using current domain.
	 */
	if (!domain) {
		struct tomoyo_domain_info *next_domain = NULL;
		int retval = tomoyo_find_next_domain(bprm, &next_domain);

		if (!retval)
			bprm->cred->security = next_domain;
		return retval;
	}
	if (!domain)
		return tomoyo_find_next_domain(bprm);
	/*
	 * Read permission is checked against interpreters using next domain.
	 * '1' is the result of open_to_namei_flags(O_RDONLY).
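Review bot: The `if (!domain)` branch now depends on a side effect that is not visible at the call site, because `tomoyo_find_next_domain(bprm)` is what fills `bprm->cred->security`. A short comment on the call would keep that dependency readable, for example `/* tomoyo_find_next_domain() stores the next domain in bprm->cred->security. */`. The line that reads `domain` is above the hunk, so this assumes it is taken from that same field.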
+1 −2
@@ -31,8 +31,7 @@ int tomoyo_check_2path_perm(struct tomoyo_domain_info *domain,
			    struct path *path2);
int tomoyo_check_rewrite_permission(struct tomoyo_domain_info *domain,
				    struct file *filp);
int tomoyo_find_next_domain(struct linux_binprm *bprm,
			    struct tomoyo_domain_info **next_domain);
int tomoyo_find_next_domain(struct linux_binprm *bprm);

/* Index numbers for Access Controls. */